CVE Alert: CVE-2025-60338 - n/a - n/a

CVE-2025-60338

UnknownNo exploitation known

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the DhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVSS v3.1 not provided

Vendor

n/a

Product

n/a

Versions

n/a

CWE

n/a

Vector

n a

Published

2025-10-22T00:00:00.000Z

Updated

2025-10-22T15:37:41.600Z

References

https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda/fromDhcpListClient/fromDhcpListClient.md

AI Summary Analysis

Risk verdict

DoS on affected devices is possible from crafted input targeting the DHCP-related function; there is no confirmed exploitation activity in the provided intel, so urgency remains moderate until further exploitation indicators appear.

Why this matters

Denial of service could disrupt network services for home and small business users, leading to downtime and support costs. An attacker achieving disruption could degrade customer trust or leverage service disruption as a distraction for secondary attacks; PoC material exists, suggesting the vulnerability is actionable in practice.

Most likely attack path

Network-based attack targeting the device’s DHCP service with specially crafted input; preconditions include access to the device on the local or adjacent network. Likely low user interaction and a straightforward trigger, with impact limited to service availability rather than data theft, depending on device isolation and scope.

Who is most exposed

Typically consumer routers and small office/home office gateways with DHCP services exposed on LAN segments; devices with default or weak network segmentation, remote management enabled, or poor firmware patching coverage are at higher risk.

Detection ideas

Spike in CPU/memory or DHCP service instability on the device.
Crash or restart events in system logs related to DHCP components.
Unusual DHCP traffic patterns or repeated failed input events.
Crash logs or stack trace remnants in device logs after triggers.
Indicators in PoC attempts or anomaly-traffic correlating with known triggers.

Mitigation and prioritisation

Apply vendor firmware updates as they become available; prioritise patch tracking and testing.
Restrict DHCP service exposure to trusted networks; disable remote management if not required.
Implement network segmentation and strict ingress/egress controls around DHCP traffic (UDP ports 67/68).
Enable rate limiting and anomaly detection for DHCP-related requests; increase log verbosity for DHCP components.
Plan a change window for firmware upgrade and verify stability in a staging environment; maintain asset inventory and rollback procedures.

Support Our Work

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.

AI APIs OSINT driven New features

Buy Me A Coffee Patreon

Tags: CVE, cve-2025-60338, n-a, OSINT, threatintel

CVE Alert: CVE-2025-60338 – n/a – n/a